You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/network-watcher/network-watcher-ip-flow-verify-overview.md
+13-8Lines changed: 13 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -6,7 +6,7 @@ author: halkazwini
6
6
ms.author: halkazwini
7
7
ms.service: network-watcher
8
8
ms.topic: concept-article
9
-
ms.date: 09/15/2023
9
+
ms.date: 09/28/2023
10
10
11
11
#CustomerIntent: As an Azure administrator, I want learn about IP flow verify so I can use it to check the security rules applied on the VMs to confirm if traffic is allowed or denied.
12
12
---
@@ -23,18 +23,23 @@ IP flow verify uses traffic direction, protocol, local IP, remote IP, local port
23
23
24
24
IP flow verify returns **Access denied** or **Access allowed**, the name of the security rule that denies or allows the traffic, and the network security group with a link to it so you can edit it if you need to. It doesn't provide a link if a default security rule is denying or allowing the traffic. For more information, see [Default security rules](../virtual-network/network-security-groups-overview.md#default-security-rules).
25
25
26
-
:::image type="content" source="./media/network-watcher-ip-flow-verify-overview/access-denied.png" alt-text="Screenshot of IP flow verify result in the Azure portal." lightbox="./media/network-watcher-ip-flow-verify-overview/access-denied.png":::
26
+
:::image type="content" source="./media/network-watcher-ip-flow-verify-overview/access-denied.png" alt-text="Screenshot of IP flow verify result in the Azure portal.":::
27
27
28
-
To use IP flow verify, you need to a Network Watcher instance in the Azure subscription and region of the virtual machine and have the necessary permissions to access the feature. For more information, see [Enable or disable Azure Network Watcher](network-watcher-create.md) and [RBAC permissions required to use Network Watcher capabilities](required-rbac-permissions.md).
28
+
## Prerequisites
29
29
30
-
> [!NOTE]
31
-
> - IP flow verify tests TCP and UDP traffic. To test ICMP traffic, use [NSG diagnostics](network-watcher-network-configuration-diagnostics-overview.md).
32
-
> - IP flow verify tests security and admin rules applied to a virtual machine's network interface. To test virtual machine scale sets, use [NSG diagnostics](network-watcher-network-configuration-diagnostics-overview.md).
30
+
To use IP flow verify, you must meet the following prerequisites:
31
+
32
+
- Network Watcher instance in the Azure subscription and region of the virtual machine. For more information, see [Enable or disable Azure Network Watcher](network-watcher-create.md).
33
+
- Have the necessary permissions to access the feature. For more information, see [RBAC permissions required to use Network Watcher capabilities](required-rbac-permissions.md).
34
+
35
+
## Considerations
36
+
37
+
- IP flow verify tests TCP and UDP traffic. To test ICMP traffic, use [NSG diagnostics](network-watcher-network-configuration-diagnostics-overview.md).
38
+
- IP flow verify tests security and admin rules applied to a virtual machine's network interface. To test virtual machine scale sets, use [NSG diagnostics](network-watcher-network-configuration-diagnostics-overview.md).
33
39
34
40
## Next step
35
41
36
42
To learn how to use IP flow verify, continue to:
37
43
38
44
> [!div class="nextstepaction"]
39
-
> [Diagnose a virtual machine network traffic filter problem](diagnose-vm-network-traffic-filtering-problem.md).
40
-
45
+
> [Diagnose a virtual machine network traffic filter problem](diagnose-vm-network-traffic-filtering-problem.md)
0 commit comments